General

  • Target

    089dd5b6f62add74c09ab7ed55dc122b_JaffaCakes118

  • Size

    28KB

  • Sample

    240624-p4l89ssgqg

  • MD5

    089dd5b6f62add74c09ab7ed55dc122b

  • SHA1

    d80b77dab69103ae80e6d4cd53ce077a252ef513

  • SHA256

    b287056346e9d7a0dd3cf40a9113849d7b102d78d0c19f7940809303232c4bf8

  • SHA512

    95f78e1ee7761532cb0f3532e4fe963f4eb6549675b4d153b673c49781ff58534a11bbb84f525997ff87415d9927518796e5971c884bc3da26903488205e8b39

  • SSDEEP

    384:QscL0XLgMzbKiYyV4QeFEADoyLDvV3VitxMRRZ8V49KJEmDxEmy5g:Q1bF9DoUNKxw2fvDxEmy5g

Targets

    • Target

      089dd5b6f62add74c09ab7ed55dc122b_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15
